Kubescape is an E2E Kubernetes cluster security platform
What's Changed
- fix:ensure grype-offline-db uses dedicated service account by @Aneesh-Hegde in #834
- fix: make grype-offline-db CronJob history limits configurable via values.yaml by @Shreya2005-2005 in #837
- feat: remove service discovery components by @matthyx in #835
- fix: make grype-offline-db CronJob schedule configurable via values.yaml by @Shreya2005-2005 in #839
- fix: add liveness and readiness probes to grype-offline-db deployment by @Shreya2005-2005 in #841
- Fix kubevuln tmp-dir PVC rendering when disabled by @aaa-aashna in #842
- prepare release 1.40.2 by @matthyx in #846
- certificate strategy hook -> initContainer by @lyuval-armosec in #843
- kubescape/kubescape@v4.0.6...v4.0.8
- feat(httphandler): support TLS key configuration via env vars by @Kayd-06 in kubescape/kubescape#2029
- fix(cautils): use TrimPrefix to strip URL scheme in CreatePortForwarder by @sahitya-chandra in kubescape/kubescape#2018
- fix: validate severity-threshold flag before running scan by @Shreya2005-2005 in kubescape/kubescape#2031
- fix: surface YAML parse errors instead of silently dropping documents by @Varadraj75 in kubescape/kubescape#2034
- fix(cautils): return error on git URL parse failure and handle unmarshal error by @sakshar2303 in kubescape/kubescape#2036
- fix(core): add warning logs for dropped workloads in local file scans by @Kayd-06 in kubescape/kubescape#2032
- fix: validate compliance-threshold and fail-threshold in scan and sca… by @Shreya2005-2005 in kubescape/kubescape#2040
- fix: replace os.ReadDir with os.RemoveAll in removeResultDirs by @Varadraj75 in kubescape/kubescape#2038
- get services from API, removing sidecar requirement by @matthyx in kubescape/kubescape#1960
- fix: validate empty format flag before running scan subcommands by @Shreya2005-2005 in kubescape/kubescape#2044
- docs: replace placeholder Long description in scan command by @Shreya2005-2005 in kubescape/kubescape#2046
- docs: add Git-repository and Kustomize-directory to scan Long description by @Shreya2005-2005 in kubescape/kubescape#2048
- fix: return clear error when directory path is passed to
kubescape fixby @Shreya2005-2005 in kubescape/kubescape#2050 - test: add baseline coverage for compliance-critical functions in opaprocessor by @Varadraj75 in kubescape/kubescape#2054
- test(vap): comprehensive test coverage for VAP commands (77 tests) by @manmathbh in kubescape/kubescape#2019
- feat(opaprocessor): filter expired exceptions before applying results by @manmathbh in kubescape/kubescape#2023
- feat: add ControlInput CRD for in-cluster control configuration by @manmathbh in kubescape/kubescape#2042
- fix: return error when empty name passed to download framework or control by @Shreya2005-2005 in kubescape/kubescape#2058
- docs: add PDF output format and fix heading inconsistencies in getting-started.md by @Ridhi-03Kumari in kubescape/kubescape#2056
- feat(vap): add --timeout flag to deploy-library command by @manmathbh in kubescape/kubescape#2021
- suppress spurious interrupt signal log on graceful exit by @yugal07 in kubescape/kubescape#2060
- Fix scan results not submitted when using API_URL-based service discovery (no services.json) by @Copilot in kubescape/kubescape#2064
- kubescape/kubevuln@v0.3.137...v0.3.142
- get services from API, removing sidecar requirement by @matthyx in kubescape/kubevuln#340
- chore(deps): Bump github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream from 1.7.7 to 1.7.8 by @dependabot[bot] in kubescape/kubevuln#360
- fix: set viper delim key and test proxyRegistryMap by @mkm29 in kubescape/kubevuln#361
- chore(deps): Bump github.com/go-git/go-git/v5 from 5.18.0 to 5.19.0 by @dependabot[bot] in kubescape/kubevuln#363
- fix: close previous grype DB store before replacing on 24h refresh by @matthyx in kubescape/kubevuln#364
- kubescape/node-agent@v0.3.111...v0.3.119
- get services from API, removing sidecar requirement by @matthyx in kubescape/node-agent#772
- fix: improve logging for rules with missing profileDataRequired by @matthyx in kubescape/node-agent#803
- fix: cache only completed container profiles to ensure data integrity by @matthyx in kubescape/node-agent#813
- Chore(deps): Bump github.com/in-toto/in-toto-golang from 0.9.0 to 0.11.0 by @dependabot[bot] in kubescape/node-agent#814
- Chore(deps): Bump github.com/go-git/go-git/v5 from 5.18.0 to 5.19.0 by @dependabot[bot] in kubescape/node-agent#816
- fix(networkstream): fix timeout, mutex stall, and empty-stream skip by @matthyx in kubescape/node-agent#817
- kubescape/operator@v0.2.141...v0.2.142
- fix(gitlab): populate repositories for scan-all by @matthyx in kubescape/operator#371
- kubescape/synchronizer@v0.0.141...v0.0.147
- get services from API, removing sidecar requirement by @matthyx in kubescape/synchronizer#145
- chore(deps): bump github.com/cilium/cilium from 1.17.14 to 1.17.15 by @dependabot[bot] in kubescape/synchronizer#154
- update packages by @YakirOren in kubescape/synchronizer#155
- fix(httpendpoint): increase ReadTimeout for large network stream payloads by @matthyx in kubescape/synchronizer#156
Full Changelog: kubescape-operator-1.40.1...kubescape-operator-1.40.2